Re: [At-Large] [ga] Re: Network Solutions Under Large Scale DDoS Attack

To: hdierker2204@xxxxxxxxx
Subject: Re: [At-Large] [ga] Re: Network Solutions Under Large Scale DDoS Attack
From: Joe Baptista <baptista@xxxxxxxxxxxxxx>
Date: Sun, 25 Jan 2009 21:48:48 -0500
Cc: Ga <ga@xxxxxxxxxxxxxx>, At-Large Worldwide <at-large@xxxxxxxxxxxxxxxxxxxxxxx>
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:sender:received:in-reply-to :references:date:x-google-sender-auth:message-id:subject:from:to:cc :content-type; bh=rYGl1u+zzunLYpELn7nsSOk0w84EzY1GgH1dytuGDN8=; b=b+F1zC64XsxGLzGIAHREE/cIhS9Atxkju4eG4alTpRCRcCrQnM5SlmVVREBkHJtLET Hce4Gv3/SUmB23NEjnKAduRXK21aWGromLY1EOeaWCr6SJnduVIpcOLRa624k0Rd+d4q YPXKCUprHrJRpph1MP6fq/f8B5I4spWsC5nSM=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type; b=adlgN4gC1xKqtjHEgHb2047Se0V4b6QasIC8hpO0JI9guhLRstCwA82usZZCSJ9SHD c3wZVVTgmF3L/O4THxd8OP5HbnUipBvDe6vltLf+jAVBc2AmADrw7U/JpnnTc7MLhBZ/ Ld+zbhPUL1dfGBn0lFIILBwCXmWAJ7Dda9AoU=
In-reply-to: <635136.52815.qm@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
List-archive: <http://atlarge-lists.icann.org/pipermail/at-large_atlarge-lists.icann.org>
List-help: <mailto:at-large-request@atlarge-lists.icann.org?subject=help>
List-id: At-Large Worldwide <at-large_atlarge-lists.icann.org.atlarge-lists.icann.org>
List-post: <mailto:at-large@atlarge-lists.icann.org>
List-subscribe: <http://atlarge-lists.icann.org/mailman/listinfo/at-large_atlarge-lists.icann.org>, <mailto:at-large-request@atlarge-lists.icann.org?subject=subscribe>
List-unsubscribe: <http://atlarge-lists.icann.org/mailman/options/at-large_atlarge-lists.icann.org>, <mailto:at-large-request@atlarge-lists.icann.org?subject=unsubscribe>
References: <874c02a20901250643y6d5b5882o72039a67563dc28a@xxxxxxxxxxxxxx> <635136.52815.qm@xxxxxxxxxxxxxxxxxxxxxxxxxxx>
Reply-to: At-Large Worldwide <at-large@xxxxxxxxxxxxxxxxxxxxxxx>
Sender: at-large-bounces@xxxxxxxxxxxxxxxxxxxxxxx

On Sun, Jan 25, 2009 at 5:27 PM, Hugh Dierker <hdierker2204@xxxxxxxxx>wrote:

> Sorry Joe,
>
> I guess I was unclear. My question is this: When this inevitable failure
> occurs where will we go to get what we want?
>

You don't get what you want - most likely.  A failure in the resolution of
the .com zone would result in failures in every other zone where all the
name servers use .com host names.  I've tested this before and it could be
up to 60% of the Internet would be difficult to resolve.

cnn.com would go poof - because it exclusively uses aol.com name servers.  a
lot of sites out side .com would also disappear.

So there is really nothing you can do.  Maybe Jeffs suggestion to visit the
ICANN mens room is not so bad an option worth considering after all.

Now the way to prevent it is to simply distribute domain name server across
many hosts using different TLDs.  This would make the domain less vulnerable
but only if the domain was not .com.  If it is in the .com zone there is
nothing you can do - under this sort of attack it simply won't resolve.

regards
joe baptista



>
> --- On *Sun, 1/25/09, Joe Baptista <baptista@xxxxxxxxxxxxxx>* wrote:
>
> From: Joe Baptista <baptista@xxxxxxxxxxxxxx>
> Subject: Re: [ga] Re: [At-Large] Network Solutions Under Large Scale DDoS
> Attack
> To: hdierker2204@xxxxxxxxx
> Cc: "At-Large Worldwide" <at-large@xxxxxxxxxxxxxxxxxxxxxxx>, "Ga" <
> ga@xxxxxxxxxxxxxx>
> Date: Sunday, January 25, 2009, 6:43 AM
>
>
>
>
> On Sun, Jan 25, 2009 at 9:03 AM, Hugh Dierker <hdierker2204@xxxxxxxxx>wrote:
>
>>   So then following out your so wisened scenario; What would we migrate
>> to then?
>> Or would we just go for walks, read books and watch Network TV shows?
>>
>
> To prevent resolution failure you need name servers having host names from
> zones NOT .com. And this only works for NON .com domains.  If the .com
> servers are successfully attacked then all of .com is effected.
>
> The problem is .com is so pervasive in its popularity and so many name
> server hosts use .com in their host names that this sort of attack is
> inevitable.
>
> regards
> joe baptista
>
>
>
>>
>>
>> --- On *Sat, 1/24/09, Joe Baptista <baptista@xxxxxxxxxxxxxx>* wrote:
>>
>> From: Joe Baptista <baptista@xxxxxxxxxxxxxx>
>> Subject: [ga] Re: [At-Large] Network Solutions Under Large Scale DDoS
>> Attack
>> To: "At-Large Worldwide" <at-large@xxxxxxxxxxxxxxxxxxxxxxx>
>> Cc: "Ga" <ga@xxxxxxxxxxxxxx>
>> Date: Saturday, January 24, 2009, 6:39 PM
>>
>>
>>
>>
>> On Sat, Jan 24, 2009 at 1:56 PM, John R. Levine <johnl@xxxxxxxx> wrote:
>>
>>>  Hate to say it folks - but I told you so a long time ago this was going
>>>> to
>>>> happen.  If you want to attack the Internet - you don't attack the root
>>>> servers - you attack .com name space.  Once .com name space is offline a
>>>> lot
>>>> of the net just twinkles out of existence.
>>>>
>>>
>>> Network Solutions is not Verisign, and hasn't been for about a decade.
>>>
>>> Perhaps you might want to update your bookmarks or something.
>>
>>
>> Don't bother telling me that - email the journalist who wrote the article.
>>
>> The issue here is that a successful attack against the .com servers would
>> take out most of the internet since the technical infrastructure is so
>> heavily dependent on the the .com zone.  Any dummy should understand that.
>>
>> It's irrelevant who runs the .com zone - the problem here is its
>> popularity as a tld label also makes it vulnerable to attack because so many
>> name space objects - ns hosts - are technically dependent on the zone.
>>
>> The day .com goes off line - and this day is inevitable - most of the
>> internet will simply disappear for so many folks.  I look forward to that
>> day - will give me an excuse to take the day off and enjoy an Internet free
>> day..
>>
>> regards
>> joe baptista
>>
>> --
>> Joe Baptista
>> www.publicroot.org
>> PublicRoot Consortium
>> ----------------------------------------------------------------
>> The future of the Internet is Open, Transparent, Inclusive, Representative
>> & Accountable to e Internet community @large.
>> ----------------------------------------------------------------
>>  Office: +1 (360) 526-6077 (extension 052)
>>     Fax: +1 (509) 479-0084
>>
>>
>>
>
>
> --
> Joe Baptista
> www.publicroot.org
> PublicRoot Consortium
> ----------------------------------------------------------------
> The future of the Internet is Open, Transparent, Inclusive, Representative
> & Accountable to the Internet community @large.
> ----------------------------------------------------------------
>  Office: +1 (360) 526-6077 (extension 052)
>     Fax: +1 (509) 479-0084
>
>
>


-- 
Joe Baptista
www.publicroot.org
PublicRoot Consortium
----------------------------------------------------------------
The future of the Internet is Open, Transparent, Inclusive, Representative &
Accountable to the Internet community @large.
----------------------------------------------------------------
 Office: +1 (360) 526-6077 (extension 052)
    Fax: +1 (509) 479-0084
_______________________________________________
At-Large mailing list
At-Large@xxxxxxxxxxxxxxxxxxxxxxx
http://atlarge-lists.icann.org/mailman/listinfo/at-large_atlarge-lists.icann.org

At-Large Official Site: http://atlarge.icann.org

References:
- Re: [At-Large] [ga] Re: Network Solutions Under Large Scale DDoS Attack
  - From: Joe Baptista

Prev by Date: Re: [At-Large] Network Solutions Under Large Scale DDoS Attack
Next by Date: [At-Large] Jay Sulzberger we-do-not-exist anti ICANN campaign goes live
Previous by thread: Re: [At-Large] [ga] Re: Network Solutions Under Large Scale DDoS Attack
Next by thread: Re: [At-Large] Network Solutions Under Large Scale DDoS Attack
Index(es):
- Date
- Thread